Lazarus
Programming => Networking and Web Programming => Topic started by: hrayon on October 21, 2021, 02:54:32 pm
-
Hi!
I implemented a service and put an Indy http server on it (TIdHTTPServer Indy 10) to listen on port 8180. I test all requests in F_IdHTTPServer_Web.OnCommandGet and if I don't receive the inputs I'm waiting for, I exit the procedure.
I compiled and left the service running for several days on a server, on a LAN, behind a firewall.
My questions are:
1-See the attached figure. This happened after a few days. It's a ProcessExplorer screenshot of the service. Does this mean that the firewall is not blocking properly since I don't know about these IPs (neither recyber.net)?
2-Is there any vulnerability in the TIdHTTPServer component being exploited?
3-Any tips on how to prevent these strange IPs from connecting to the service besides being blocked by the firewall?
-
First of all, if your server is open to the Internet, you will definitely have unwanted guests in some way. So I don't think this is indy related.
To deal with these situations;
I recommend using a very strong firewall like pfsense. https://www.pfsense.org/ (https://www.pfsense.org/)
If you want to get more detailed information;
I recommend using wireshark https://www.wireshark.org/ (https://www.wireshark.org/) to analyze network traffic. Thus, you can examine the incoming and outgoing package contents.
-
OK, thank you!